exe file to stop processes

G

Guest

I'm having trouble removing a trojan because a process is using the file that
contains the trojan that needs to be deleted/re-written. My problem is there
are many processes running, even after I've shutdown all the applications
that are visible, and so I have no idea which process is locking up the file
and no idea which processes I can stop safely.

A couple of years ago I remember there was an exe file I could run which
would shutdown unnecessary processes. Does a current version of that still
exist? I'm using XP Pro.
TIA .... Greg
 
R

Roberto

gvm said:
I'm having trouble removing a trojan because a process is using the file
that
contains the trojan that needs to be deleted/re-written. My problem is
there
are many processes running, even after I've shutdown all the applications
that are visible, and so I have no idea which process is locking up the
file
and no idea which processes I can stop safely.

A couple of years ago I remember there was an exe file I could run which
would shutdown unnecessary processes. Does a current version of that still
exist? I'm using XP Pro.
TIA .... Greg
Click to expand...

Start in safe mode and see if you can remove or rename the file in
question.
Better yet, run the following from safe mode
sysclean http://www.trendmicro.com/download/dcs.asp
go here to obtain the latest patern files
http://www.trendmicro.com/download/viruspattern.asp
smitfraud http://www.ik-cs.com/programs/virtools/SmitFraud.exe

rgds
Roberto
 
M

Malke

gvm said:
I'm having trouble removing a trojan because a process is using the file
that contains the trojan that needs to be deleted/re-written. My problem
is there are many processes running, even after I've shutdown all the
applications that are visible, and so I have no idea which process is
locking up the file
and no idea which processes I can stop safely.

A couple of years ago I remember there was an exe file I could run which
would shutdown unnecessary processes. Does a current version of that still
exist? I'm using XP Pro.
TIA .... Greg
Click to expand...

Perhaps you are referring to Systernals' Process Explorer. Get it from
www.systernals.com. Are you doing your removal work in Safe Mode?

Refer to these malware removal steps for procedures:
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Malke
 
G

Guest

I have used Sophos to sweep for viruses and Sophos support gave me procedures
to do the removal. Part of that was to run a downloaded data disk in Safe
Mode (with command prompt). However, even in that situation the trojan was
found but access was denied when deletion was attempted. Unexpectedly, it is
possible to rename the file however. I will check out systernals.com, thank
you .... Greg
 
G

Guest

I used Process Explorer; I may have used it incorrectly because it did not
find a service that was using the file in question. And the good news is ....
I could delete the file and remove it from Trash and ran Sophos with a clean
result. Last night I could not delete the file after renaming it. Perhaps
becuase the system has since been rebooted, a service was unable to latch
onto the file and so I could delete it. Could this be right?
Thanks again for your help .... Greg
 
M

Malke

gvm said:
I used Process Explorer; I may have used it incorrectly because it did
not find a service that was using the file in question. And the good news
is .... I could delete the file and remove it from Trash and ran Sophos
with a clean result. Last night I could not delete the file after renaming
it. Perhaps becuase the system has since been rebooted, a service was
unable to latch onto the file and so I could delete it. Could this be
right? Thanks again for your help .... Greg
Click to expand...

Is this on the same machine where you are having all the sharing problems?

Malke
 
G

Guest

Malke, yes, the machine that had the trojan is the machine that is failing to
access some users' folders on the other machine. That problem still exists
even now the trojan appears to have been removed successfully. Thanks again
for your help ... Greg
 
M

Malke

gvm said:
Malke, yes, the machine that had the trojan is the machine that is failing
to access some users' folders on the other machine. That problem still
exists even now the trojan appears to have been removed successfully.
Thanks again for your help ... Greg
Click to expand...

Yes, well that puts a whole different light on things doesn't it? I think at
this point I'd just back up the data and flatten the system. You suggested
that you were thinking about doing that in your other thread.

http://michaelstevenstech.com/cleanxpinstall.html - Clean Install How-To
http://www.elephantboycomputers.com/page2.html#reinstall_Windows - What you
will need on-hand

Malke
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Multiple Lucoms~1.exe processes 3
Processes with short arbitrary names delaying shutdown? 1
Windows XP running processes 10
rundll32.exe - cannot shutdow or restart. 7
STOP error 2
EXE launched from Service is invisible 4
wstats32.exe = suspect file 4
Visa Can't End Processes 3

Top